Black Duck Software Canada: Advanced Technology Research

Open Source Software and Services are changing the ways the commercial software are being built and delivered. Black Duck Research is at the forefront of conducting state-of-the-art applied research so that enterprises can consume Open Source driven solutions in a more compliant, secure and reliable way. In that context, we conduct state-of-the-art applied research in Data Mining, Machine Learning, Natural Language Processing, Software Engineering and other related areas. Our research team consists of award winning computer scientists, innovators, Ph.D. and Master’s degree students, advised by software industry veterans and faculty members from premier institutes and universities in the US and Canada. We have strong research collaborations with academic institutes through internship and co-op programs.

Black Duck Research Vision

Open Source related data are constantly evolving. These evolving data pose several challenges for Open Source governance and adoption in a compliant and secure way. Many of these challenges stem from the fact that Open Source projects entail large volumes of structured and unstructured data that are difficult to find, manage and analyze. We are applying various Data Mining, Machine Learning and Natural Language Processing solutions to solve some of the most challenging problems related to open source security.

Black Duck Research Projects

Web Services Governance

Data-related web services such as APIs and micro services are important for enterprises to achieve their businesses goals. Users of data services (enterprises or individuals) must ensure that they are compliant with the terms of services (ToS) that govern the usage of those web services. ToS may be revised frequently, requiring re-evaluation of corresponding data services from legal compliance, security and privacy perspectives. Unfortunately, tracking changes in ToS is difficult and time-consuming, especially when hundreds or thousands of data and micro services are in use. Finding changes in ToS with legal and security implications is an even more difficult task. Black Duck Research develops solutions to manage the legal and security risks that come with the usage of web services.

Open Source Software Data Management

Black Duck Software constantly curates massive amounts of open source software and services-related data, such as source code, vulnerabilities and licenses to provide our customers and partners with insights that enable them to consume open source in a more compliant and secure way. It is challenging to develop flexible approaches to maintain, query, browse and organize this information, which contains both unstructured and structured data. Black Duck Research is developing database design principles and computational techniques for managing open source related data efficiently.

Security Data Management and Analytics

Open Source security in many ways is a data management problem. Developers find it difficult to choose open source that are secure and free of publicly known vulnerabilities. An Artificial Intelligence driven security solution, which is trained with real world datasets, is the next frontier of Open Source security. At Black Duck Research, we have the world’s largest database of open source software to move us closer in that direction. In this context, we track publicly known vulnerabilities, licenses, vendor information, and many other pieces of information to train computing machines and build next generation of Open Source security solutions.

Open Source Semantic Search

In the constantly expanding world of open source software and services, developers find it increasingly difficult to choose open source that is compliant, secure and reliable. There are millions of open source software and services publicly available today, and compliance, security and quality related information is extremely difficult for developers to find, making mindful selection of open source an onerous process. Black Duck Research is building a semantic search engine that allows users to describe their requirements in natural language and receive results that meet quality, legal and security requirements.

Black Duck Research Leadership & Collaborators

Research Team Leads:

Zhensong Qian

Zhensong Qian is a data scientist at Black Duck Research. He is working on Open Source Software (OSS) graph modelling and visualization related problems. He earned his PhD degree in the school of computing science from Simon Fraser University, Canada. He has won several research awards and has gained more than 7 years of research expertise in the field of machine learning, big data analytics and database management. He has published numerous research papers at various top international conferences and journals. Leveraging the state-of-the-art machine learning and data science techniques, he enjoys analyzing and modeling the complex, multi-dimensional data to solve real-world problems. During this process he has developed novel solutions to data intensive industry applications.

Sardar Ali

Sardar Ali is a Data Scientist at Black Duck Research. He leads the web services data management team that is focused on building technological solutions for governance of web services in commercial applications. Previously, Sardar was with SAP where he helped in automating the web services legal compliance processes. Sardar received his PhD in Computer Science from the University of Victoria, Canada.

Irfan Ul Haq, Sardar Ali, Hasan Khan, and Syed Ali Khayam, "What is the Impact of P2P Traffic on Anomaly Detection?," International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2010.

Cheng Chen

Cheng Chen is a Data Scientist at Black Duck Research. He is leading the open source data management team. He received the B.Sc. degree in Computer Science from Beijing University of Posts and Telecommunications, China in 2010, and M.Sc. and Ph.D. degrees in Computer Science from the University of Victoria, Canada in 2012 and 2016, respectively. His research interests are online social networks, recommender systems, and distributed algorithms for graph mining. He has published research papers in top tier conferences and journals.

Yiming (Nathan) Zhang

Nathan is a Data Scientist at Black Duck Research. He is currently leading the security team that is creating Artificial Intelligence driven solutions for Cyber Security problems. Besides work, he likes to play and watch tennis. He is also a super fan of Novak Djokovic. He holds a MSc in Electrical and Computer Engineering from University of British Columbia.

Research Leadership Team:

Baljeet Malhotra

Baljeet is the Vice President of Research at Black Duck Software and founder of Black Duck Software Canada, an R&D division of the company. Baljeet is also an Adjunct Professor at the Sauder School of Business at the University of British Columbia, and Chief Scientific Adviser of TeejLab Inc., a technology advisory company that specializes in Data Science driven innovations. Before heading Black Duck Canada, he was Research Director at SAP Canada Inc.

He is an award-winning computer scientist who has led several research and industry projects in the areas of open source governance, database management, analytics and networks. He evaluates Open Source software trends and related research problems to plan growth opportunities in various business areas for different industries. He specializes in managing innovation projects from the idea/need identification phase through to completion and go-to-market strategies. He designs and implements strategic plans and high-performance teams for research startup by building relationships with academia and industries.

He received his PhD degree in Computing Science from the University of Alberta, Canada, a post-doctorate from the National University of Singapore and a management certificate from the Singapore Management Institute in Singapore. He has published numerous patents and research work at various international journals and conferences. He provides thought leadership and gives lectures at various international venues. He was chosen "Graduate Scholar" by NSERC, Canada during 2006-2009 and "Young Global Scientist" by the Government of Singapore in 2011 and 2012. He was chosen Distinguished Alumni of UNBC in 2017.

Baljeet Malhotra, et. al., A System for Policy Management and Analytics, US20150100382.

Books:

Baljeet Malhotra. Chapter: Maritime Data Management and Analytics: A Survey of Solutions Based on Automatic Identification System, Book: Building Sensor Networks From Design to Applications, Published September 5th 2013 by CRC Press.

Baljeet Malhotra. A Curriculum Guide for Data Warehousing and Business Intelligence. Proc. of the Western Canadian Conf. on Computing Education (WCCCE), Prince George, BC, Canada, May 5-6, 2005. http://web.unbc.ca/wccce05/html/proceedings.html

Professor Bertino’s main research interests cover areas in the fields of information security and database systems. Her research combines both theoretical and practical aspects, addressing as well applications on a number of domains, such as medicine and humanities. She is co-editor in chief ofGeoInformatica and of IEEE Transactions on Dependable and Secure Computing, and editor of the Synthesis Lectures on Information Security, Privacy, and Trust. She has authored several articles in International Journals and Conference Proceedings, and is co-author of several books.

Hasan Cavusoglu (Collaborator)

Hasan is an Associate Professor at the Sauder School of Business at the University of British Columbia. His main research interest is to evaluate strategic impact of information technology (IT) investments. He studies the relationship between the value of IT and the competitive advantages created by the implementation of IT, product variety and differentiation on the Internet. His research also includes evaluating design and implementation issues in information security management systems.

Mario Nascimento (Collaborator)

Mario is a full Professor at the Department of Computing Science, University of Alberta and serves as Chair of the Department. His main research interests lie in the areas of Spatio-Temporal Data Management and Data Management for Wireless Sensor Networks.

Kui Wu (Collaborator)

Kui is a full Professor at the Department of Computing Science, University of Victoria. Professor Wu’s expertise covers performance modeling as well as the evaluation of networking systems, cloud computing, Quality of Service (QoS) of computer networks and online social networks. He has made significant contributions to network performance modeling with stochastic network calculus, network planning, and information processing and modeling in online social networks.

Professor Wu’s research has been published in several top journals and conferences, including IEEE Transactions on Computers and IEEE Transactions on Parallel and Distributed Systems. His work includes consulting for Streetlight Intelligence Inc. (STI), Canada, where he helped design a wireless sensor network for intelligent streetlight control. He has also worked with Nokia, Canada, to develop new technologies for a fast, privacy-preserving information exchange over mobile social network, and with InteLuma Inc. on cloud-based data management for energy consumption data. His R&D projects with Schneider Electric on power quality analysis of enterprise-level power networks led to two approved US patents.

Gail Murphy

Gail is a full professor at the University of British Columbia’s Department of Computer Science and Vice President Research & Innovation. Dr. Murphy’s research focuses on improving the productivity of software developers and knowledge workers by providing the necessary tools to identify, manage and coordinate the information that matters most for their work.

Dr. Murphy joined UBC in 1996 and was a key driver of the new Master of Data Science—a professional graduate program launching in Fall 2016—and has been instrumental in championing the creation of a Data Science Institute at the university. She also maintains an active research group with post-doctoral and graduate students. She is a Fellow of the Royal Society of Canada and an Association for Computing Machinery (ACM) Distinguished Scientist, as well as co-founder and Chief Scientist at Tasktop Technologies Incorporated. Dr. Murphy also serves on the editorial boards for Communications of the ACM, and Institute of Electrical and Electronics Engineers Transactions on Software Engineering.